WYTM - "but what if it was true?"
dan at geer.org
dan at geer.org
Fri Jun 24 10:47:41 EDT 2005
What do you tell people to do?
<commercial_message>
Defense in depth, as always. As an officer at
Verdasys, data-offload is something we block
by simply installing rules like "Only these
two trusted applications can initiate outbound
HTTP" where the word "trusted" means checksummed
and the choice of HTTP represents the most common
mechanism for spyware, say, to do the offload
of purloined information. Put differently,
if there 5,000 diseases but only two symptoms,
then symptomatic relief is the more cost-effective
approach rather than cure. In this case, why do
I care if I have spyware if it can't talk to its
distant master? (Why do I care if I have a tumor
if angiostatin keeps it forever smaller than 1mm
in diameter?) Of course, there are details, and,
of course, I am willing to discuss them at far
greater length.
</commercial_message>
--dan
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list